Asan İmza – your identification
e-Azerbaijan with Asan İmza (Mobile ID) means that communication between the government and citizen has been completely transformed, making bureaucracy a mark of the past and making the running of all levels of government more efficient than ever before.
That means that Azerbaijan government is always with its citizens via phone ANYWERE, ANYTIME, ANYHOW access to ANY service by ANYBODY!
The Asan İmza (Mobile ID) is the tool by which Azerbaijan is using advanced technical solutions to create a stronger economy, a better community and a brighter future.
Asan İmza (Mobile ID) is service that allows a client to use a mobile phone as a form of secure electronic ID. Like the any other smart card technology based at e-signature solution (for example, e-IMZA), it can be used for accessing secure e-services and digitally signing documents, but has the advantage of not requiring a card reader. The system is based on a specialized Asan İmza (Mobile ID) SIM card, which the customer must request from the mobile phone operator. Private keys are stored on the mobile SIM card along with a small application for authentication and signing. Asan İmza (Mobile ID) is the first step toward Ubiquitous government in Azerbaijan – U-government, which can be viewed as a superset of e-government, which reflects new forms of interaction and transaction that are possible anywhere and at any time on various devices, due to the pervasive availability of networks, applications and services.
Mobile technology is the next stage of the Information and Communication Technologies’ revolution and mobile government will be the next inevitable evolution of e-government. As citizens across the world increasingly turn to mobile technology as their main source for news, information and connecting with others, M-Government certainly will continue to expand. Governments understandably want to reach out to citizens in innovative ways in order to streamline the administrative process. By 2018, the number of mobile subscriptions is expected to be almost the same as the number of global citizens, with mobile penetration estimated to be 96%.
The Asan İmza (Mobile ID) service is a collection of organizational and technical measures to create a strong, seamless digital identity for Internet users. Now, in the advanced mobile market of Azerbaijan, the security functionality has been incorporated into the SIM card, turning the mobile phone into a personal trusted device able to remotely authenticate an individual, protect identities and create a legally binding digital “signature”.
To use Asan İmza (Mobile ID), users must acquire a special SIM card (available from mobile operators) and, for extra security, activate the service in ASAN or Ministry of Taxes. After that, the Asan İmza (Mobile ID) is ready to be used on any compatible website, or other devices for authentication and digital signature. The Asan İmza (Mobile ID) certificates are valid for three years. The service is implemented according to Public Key Infrastructure (PKI) and launched by mobile operators in co-operation with the Certification Services Centre Asan of the Ministry of Taxes (ASXM).
Asan İmza (Mobile ID) – the instrument for increasing administrative capacity and ensuring an innovative, modern and convenient living environment for residents of Azerbaijan. With Asan İmza (Mobile ID) we are going to make almost all financial transactions will be done electronically. Financial sector including banks can create a good basis for emerging e-Azerbaijan. With Asan İmza (Mobile ID) we can pay, m-park, established your company, pay taxes, send tax declarations, use public transport and others electronic services in the situation where e-signature smart card or e-İmza card is not available for some reasons. For students in addition can be implemented e-services in m-form, a student who passed a state examination can order the result of the examination as an SMS using Asan İmza (Mobile ID) into his/her mobile phone and can get the result in real time.
Pressure and drives
One thing that depicts an average Azerbaijani is the love for all kind of new, best, innovative and the love for mobile phone technology, to use the latest mobile phone technology. Azerbaijan mobile market is one of the most penetrated, exceeding 100%. Mobile broadband access services, as well as mobile content and applications, are readily available, underpinning future revenue growth.
Implementing the Asan İmza (Mobile ID) ensures compliance with Azerbaijan Electronic signature and Electronic document law and other international standards, including Directive 1999/93/EC. The highest concern is ensuring that the user registration process is secure enough to be used by service providers and government. There were no standards and no best practices available in this area.
Impact (change & innovation) – Asan İmza (mobile ID) always carried, always on
The main impact is for users, who benefit from a more convenient login (authentication) process, which is compatible among websites. This service has shown real value in furthering secure usage of m- and e-services. Not all people have traditional smart card (e-imza card), compatible computers and other devices, but almost all of them have mobile phones with them at all times, so Asan İmza (Mobile ID) usage just on one mobile phone greatly reduces the risk of e-services. There is no more queuing, no bribes, no forms in triplicate, and no need to plead a case to several administrators. The benefit of service providers is that the authentication process is highly secure and low cost.
Using the new Asan İmza (Mobile ID) in the handset will enable users to access a range of public and private sector services, including electronic banking and government web and mobile services. With their mobile phones the citizens of Azerbaijan will be able to authenticate themselves electronically filing tax declarations, opening new company, registering for social security and paying for goods online. Creating a digital signature from the handset may even be used as proof of identity at a physical point of sale.
The mobile phone and SIM card have, by default, become the world`s most pervasive smart card/card reader combination. Unlike the existing e-signature smart cards or e-imza cards (the size of a credit card) the SIM-based certificates do not require the user to be present when authenticating himself via an independent card reader. In this instance, the handset acts as the card reader, requesting the user to authenticate himself through a PIN code request, and sends an electronic digital signature to the service provider.
Thanks to Asan İmza the following objectives have largely been met:
- Deliver innovative services via the mobile channel that were not feasible with the Internet.
- Make government e-services more accessible to a wider customer base and increase convenience for those who need to transact on the move. Any m-service subscription could be easily accessed on the one-stop portal of ASAN in the nearest future.
Response of Asan İmza
In line with technology trends, the m-Government is also shifting gears to facilitate the delivery of ASAN XİDMƏT (the State Agency for Public Service and Social Innovations under the President of the Republic of Azerbaijan) and Tax Ministry m-services over more varied mobile devices and platforms. To further tap into the emerging mobile technologies, such as location-based capabilities and augmented reality, the m-Government instruments is supporting organisations in their pilot development of m-services.
Security of Asan İmza
M-Government service offering will need to make security and privacy a top priority, as very strong security will be required for applications or services that contain sensitive information. Some of the reinforced needs to ensure security are related to the increasing use of mobile signatures – there is a need for additional measures to be taken to identify an individual, so that theft or lost of their phones does not allow an impostor to engage in transaction be spoofed today.
Mobile PKI offers a very strong security framework for all parties. The security related operations are done in the SIM card, a tamper resistant environment, making it almost impossible to misuse the user’s identity. Software that tries to steal the identity of the user or sniff out passwords or other credentials cannot penetrate the SIM security. Authentication and signature information travels through the SMS and back-end channels to the service provider and is verified by the operator, so even if the user is attacked at the browser level, or the computer is infected, it does not matter. The data never goes through the Internet channel. To be successful, the attacker should also gain access to the mobile operator network to attack/infect the encrypted SMS messages.